Bot-based data collection for detecting phone solicitations

ABSTRACT

One embodiment provides a method comprising answering one or more incoming phone calls received at one or more pre-specified phone numbers utilizing a bot. The bot is configured to engage in a conversation with a caller initiating an incoming phone call utilizing a voice recording that impersonates a human being. The method further comprises recording each conversation the bot engages in, and classifying each recorded conversation as one of poison data or truthful training data based on content of the recorded conversation and one or more learned detection models for detecting poisoned data.

The present invention generally relates to filtering unwanted phonesolicitations, and more particularly, to a bot-based honeypot poisonresilient data collection system and method for collecting training datafor detecting or preventing unwanted phone solicitations.

BACKGROUND

Phone scams are fraud crimes initiated by perpetrators via phone callsor voice messages. Victims of phone scams may be affected financiallyand/or emotionally. For example, a victim of a phone scam is oftentricked into providing money, private information, and/or remote accessto one or more of their devices to a perpetrator of the phone scam overthe phone. In recent years, hundreds of millions of dollars in financiallosses are attributable to phone scams. Phone scams may affect anydemographic (e.g., elderly, teenagers, other vulnerable populations,etc.) and any geographic location (e.g., countries, etc.).

SUMMARY

One embodiment provides a method comprising answering one or moreincoming phone calls received at one or more pre-specified phone numbersutilizing a bot. The bot is configured to engage in a conversation witha caller who initiates an incoming phone call utilizing a voicerecording that impersonates a human being. The method further comprisesrecording each conversation the bot engages in, and classifying eachrecorded conversation as one of poison data or truthful training databased on content of the recorded conversation and one or more learneddetection models for detecting poisoned data.

These and other aspects, features and advantages of the invention willbe understood with reference to the drawing figures, and detaileddescription herein, and will be realized by means of the variouselements and combinations particularly pointed out in the appendedclaims. It is to be understood that both the foregoing generaldescription and the following brief description of the drawings anddetailed description of the invention are exemplary and explanatory ofpreferred embodiments of the invention, and are not restrictive of theinvention, as claimed.

BRIEF DESCRIPTION OF THE DRAWINGS

The subject matter which is regarded as the invention is particularlypointed out and distinctly claimed in the claims at the conclusion ofthe specification. The foregoing and other objects, features, andadvantages of the invention are apparent from the following detaileddescription taken in conjunction with the accompanying drawings inwhich:

FIG. 1 illustrates an example computer architecture for collectingpoison resilient training data for detecting/preventing unwanted phonesolicitations, in accordance with an embodiment of the invention;

FIG. 2 illustrates an example bot-based honeypot data collection systemin detail, in accordance with an embodiment of the invention;

FIG. 3 is a flowchart for an example process for collecting poisonresilient training data for detecting/preventing unwanted phonesolicitations; and

FIG. 4 is a high level block diagram showing an information processingsystem useful for implementing an embodiment of the present invention.

The detailed description explains the preferred embodiments of theinvention, together with advantages and features, by way of example withreference to the drawings.

DETAILED DESCRIPTION

The present invention generally relates to filtering unwanted phonesolicitations, and more particularly, to a bot-based honeypot poisonresilient data collection system and method for collecting training datafor detecting or preventing unwanted phone solicitations. One embodimentprovides a method comprising answering one or more incoming phone callsreceived at one or more pre-specified phone numbers utilizing a bot. Thebot is configured to engage in a conversation with a caller whoinitiates an incoming phone call utilizing a voice recording thatimpersonates a human being. The method further comprises recording eachconversation the bot engages in, and classifying each recordedconversation as one of poison data or truthful training data based oncontent of the recorded conversation and one or more learned detectionmodels for detecting poisoned data.

For expository purposes, the term “phone call” as used herein refers toany type of phone call such as, but not limited to, a phone call to/froma landline phone, a phone call to/from a mobile phone, a Voice overInternet Protocol (VoIP) phone call, a phone call to/from a satellitephone, and other types of phone calls.

For expository purposes, the term “caller” as used herein refers to aperpetrator of a phone scam, a telemarketing call, or another type ofunwanted phone solicitation. The terms “caller”, “scammer”,“telemarketer”, “perpetrator”, and “adversary” may be usedinterchangeably in the specification.

For expository purposes, the term “target” as used herein refers to atarget of a phone scam, a telemarketing call, or another type ofunwanted phone solicitation. The terms “victim” and “target” may be usedinterchangeably in the specification.

For expository purposes, the term “honeypot” as used herein refers to aset of phone numbers that appears to be legitimate to adversaries butare actually isolated and monitored. For example, a honeypot of phonenumbers may be used to receive phone calls; scammers/telemarketers whocall the phone numbers are identified and later blocked.

For expository purposes, the term “poison data” as used herein refers todata that is crafted by an adversary to manipulate machine learningmodels that are trained based on such poison data, resulting inmisclassifications that are to the advantage of the adversary (e.g., theadversary avoids detection).

Phone scams are difficult to prevent. Scam preventions systems may beused to block or prevent phone calls from known scammers. Existingscam/telemarketing detection/prevention systems typically involvefiltering phone numbers of incoming phone calls based on a collection ofphone numbers flagged as suspicious (i.e., blacklisted). Findingtraining data for training scam/telemarketing detection/preventionsystems, however, is difficult. Further, adversaries may poison trainingdata collected for use in training scam/telemarketingdetection/prevention systems, resulting in misclassifications that areto the advantage of the adversaries (e.g., the adversaries avoiddetection, the scam/telemarketing detection/prevention system functionspoorly, etc.).

One embodiment provides a bot-based honeypot data collection frameworkfor collecting training data for systems that filter unwanted phonesolicitations. The framework may be used to collect training data fordifferent types of systems that filter unwanted phone solicitations suchas, but not limited to, a scam detection/prevention system for detectingand blocking phone scams, a telemarketing detection/prevention systemfor detecting and blocking telemarketing calls, a system for detectingphone calls soliciting donations to various organizations, a system fordetecting phone calls influencing voters to vote in a particular manner(e.g., vote for a particular candidate, vote for a particularlegislation, etc.), and other types of systems for filtering undesirablephone calls.

In one embodiment, the framework is resilient against adversaries thattry to poison the training data collected (i.e., the data collected ispoison resilient). The framework utilizes a honeypot of unused phonenumbers for receiving phone calls. As the unused phone numbers do notserve any legitimate purpose (e.g., not used as a residence phonenumber, a business phone number, an emergency phone number, etc.), thephone calls received are likely unsolicited/undesired phone calls, suchas phone calls from telemarketers, bots, and scammers. The frameworkutilizes a bot that impersonates a human being to answer phone callsreceived at the phone numbers. To entice an adversary who placed anunsolicited phone call into making a pitch, the bot engages in aconversation with the adversary to collect information relating to theunsolicited phone call.

In one embodiment, the framework runs one or more defensive mechanismsto verify that the information collected is not poisoned by anadversary. The verified information may be used as training data fortraining a system for filtering unwanted phone solicitations, such as ascam/telemarketing detection/prevention system for detecting signaturesof known phone scams and unwanted phone solicitations.

FIG. 1 illustrates an example computer architecture 50 for collectingpoison resilient training data for detecting/preventing unwanted phonesolicitations, in accordance with an embodiment of the invention. Thecomputer architecture 50 comprises an electronic device 100 includingcomputation resources, such as one or more processor units 110 and oneor more storage units 120. One or more applications may execute/operateon the device 100 utilizing the computation resources of the device 100.In one embodiment, the applications include, but are not limited to, abot-based honeypot data collection system 200. A honeypot ofpre-specified phone numbers is assigned to the system 200. In oneembodiment, the pre-specified phone numbers comprise unused phonenumbers that do not serve any legitimate purpose. As described in detaillater herein, the system 200 is configured to answer an incoming phonecall to one of the pre-specified phone numbers, engage in a conversationwith a caller 10 who initiated the phone call utilizing a bot configuredto impersonate a human being, and record the conversation. Each recordedconversation is classified as one of poison data or truthful trainingdata.

A recorded conversation classified as truthful training data may be usedas training data for training a system that filters unwanted phonesolicitations such as, but not limited to, a scam detection/preventionsystem for detecting and blocking phone scams from scammers, atelemarketing detection/prevention system for detecting and blockingtelemarketing calls from telemarketers, a system for detecting phonecalls soliciting donations to various organizations, a system fordetecting phone calls influencing voters to vote in a particular manner(e.g., vote for a particular candidate, vote for a particularlegislation, etc.), and other types of systems for filtering undesirablephone calls.

The device 100 may be any type of electronic device, such as, but notlimited to, a mobile device (e.g., a smart phone, a laptop, a tablet,etc.), a digital telephone, a server connected to a local network, etc.

In one embodiment, the device 100 comprises one or more input/output(I/O) modules 130 integrated in or coupled to the device 100, such as akeyboard, a keypad, a touch interface, a display screen, etc. A user mayutilize an I/O module 130 to configure one or more settings for datacollection (e.g., setting up phone numbers that the system 200 isconfigured to receive phone calls for, etc.).

In one embodiment, the device 100 comprises one or more sensor modules140 integrated in or coupled to the device 100, such as a microphone,GPS, etc. The one or more sensor modules 140 may be utilized to collectdata relating to a phone call answered by the system 200. For example,in response to receiving an incoming phone call from a caller 10, thesystem 200 may utilize a microphone of the device 100 to record aconversation with the caller 10; a recording of the phone call may beutilize as training data for training a scam/telemarketingdetection/prevention system.

FIG. 2 illustrates an example bot-based honeypot data collection system200 in detail, in accordance with an embodiment of the invention. One ormore components of the system 200 may utilize one or more data sets suchas, but not limited to, the following: (1) a first data set 410maintaining voice recordings of different individuals the system 200 mayimpersonate (e.g., voice recordings of the elderly, teenagers, and otherpersons typically targeted by adversaries), (2) a second data set 420maintaining learned scam information (e.g., using machine learning (ML))including voice samples of existing/known adversaries (e.g., voicesamples of scammers, telemarketers, etc.), and (3) a third data set 430maintaining different conversation templates. Each data set may bemaintained locally on the device 100 or remotely (e.g., on a remoteserver).

The system 200 comprises a data collection unit 210 configured tocollect data relating to an incoming phone call 15 made to apre-specified phone number assigned to the system 200. In oneembodiment, the data collection unit 210 comprises a bot 211. The bot211 is a software application configured to run automated tasks.Specifically, the bot 211 is configured to impersonate a human beingwhen answering an incoming phone call to a pre-specified phone numberfrom a caller 10. Specifically, the bot 211 engages in a conversationwith the caller 10 utilizing a voice recording that sounds human. Thevoice recording may be selected from the data set 410 to impersonate anindividual belonging to any type of demographic or population. Forexample, a scammer may be tricked/enticed into engaging in aconversation with the bot 211 utilizing a voice recording thatimpersonates common victims of scams, such as the elderly, teenagers, orother persons who are typically vulnerable to scams.

In one embodiment, the both agent 211 is configured to engage andestablish a conversation with a caller 10 by dynamically conversing withthe caller 10 based on a conversation template including learneddialogue/conversation patterns. For example, the bot 211 may select theconversation template from the data set 430. The use of the conversationtemplate increases the likelihood the caller 10 perceives the bot 211 asa human being, not a bot.

In one embodiment, the bot 211 is configured to record its conversationwith a caller 10. A resulting recording 16 of the conversation(“recorded conversation”) is stored in a first database 212. The firstdatabase 212 may be maintained locally on the device 100 or remotely(e.g., on a remote server).

In one embodiment, the bot 211 is configured to invoke/apply aspeech-to-text service/process to transcribe a recording 16 of aconversation between a caller 10 and the bot 211 into a transcript oftext.

In one embodiment, each recorded conversation maintained in the firstdatabase 212 has corresponding metadata, such as a transcript of theconversation, follow-up contact information (e.g., a phone number of acaller 10), etc.

In one embodiment, the bot 211 is configured to determine an identity ofa caller 10 by comparing voice patterns of the caller 10 against voicesamples of known adversaries (e.g., scammers, telemarketers, etc.). Forexample, the bot 211 may recognize a caller 10 as a knownscammer/telemarketer if a voice of the caller 10 matches or issubstantially similar to a voice sample maintained in the data set 420.

The system 200 comprises a data poisoning defense unit 220 configured toprotect data collected by the data collection unit 210 againstadversaries trying to poison the data collected. In one embodiment, thedata poisoning defense unit 220 comprises a poison data filtering unit221 configured to receive data collected by the data collection unit 210(i.e., recorded conversations stored in the first database 212), andfilter the data collected by applying one or more learned defensivemechanisms to detect poisoned data. As a result of the filtering, eachrecorded conversation may be classified into one of the followingclassification groups: (1) poison data, or (2) truthful training data.

Each recorded conversation classified as poison data is maintained in asecond database 222 with corresponding metadata (e.g., a transcript ofthe conversation, follow-up contact information, etc.). The recordedconversations maintained in the second database 222 represent poisoneddata that should not be used as training data for a system that filtersunwanted phone solicitations (e.g., scam/telemarketingdetection/prevention systems, etc.).

Each recorded conversation classified as truthful training data ismaintained in a third database 223 with corresponding metadata (e.g., atranscript of the conversation, follow-up contact information, etc.).The recorded conversations maintained in the third database 223represent poison resilient data that may be used as training data fortraining a system that filters unwanted phone solicitations (e.g.,scam/telemarketing detection/prevention systems, etc.). Each database222, 223 may be maintained locally on the device 100 or remotely (e.g.,on a remote server).

In one embodiment, the one or more learned defensive mechanisms appliedby the poison data filtering unit 221 comprise applying at least onelearned detection model. Examples of different learned detection modelsthe poison data filtering unit 221 may apply include, but are notlimited to, the following: a data point inspection model for inspectingand evaluation impact of a particular training data point in a resultingclassification, a normality model for identifying data deviations, a setof classifies that the poison data filtering unit 221 may rotate toavoid an adversary circumventing a particular classifier, a cross-sourceconsistency checking model for cross-checking different data sources andidentifying data deviations between the data sources, etc. In anotherembodiment, the poison data filtering unit 221 may apply one or moreother types of detection models.

One or more of the learned detection models (e.g., a cross-sourceconsistency checking model) may require ground truth data. For example,the poison data filtering unit 221 may obtain ground truth data from adata set 450. The data set 450 may be maintained locally on the device100 or remotely (e.g., on a remote server).

In one embodiment, each learned detection model utilized by the poisondata filtering unit 221 is trained online (i.e., on the device 100) oroffline (i.e., not on the device 100). For example, in a training stage,a detection model may be trained on a remote server using machinelearning. After training, the resulting learned detection model may beloaded onto/downloaded to the device 100 as a portion of the system 200for use in a deployment stage.

In one embodiment, a system 500 for filtering unwanted phonesolicitations (e.g., scam/telemarketing detection/prevention systems,etc.) may be trained based on training data comprising ground truth datamaintained in the data set 450 and/or poison resilient data maintainedin the third database 223. For example, if the system 500 is implementedas a scam/telemarketing detection/prevention system, the system 500 maybe trained to detect signatures of known phone scams and unwanted phonesolicitations, and support real-time analysis of communications (e.g., alive phone call) between an adversary (e.g., a scammer, a telemarketer,etc.) and a target/potential victim of the adversary (e.g., the elderly,teenagers, etc.) to detect attributes that indicate phishing, scams,telemarketing, etc. The system 500 may be a component of the system 200or a component of an external system. An embodiment of thescam/telemarketing detection/prevention system is described incommonly-assigned, co-pending U.S. Non-Provisional patent applicationentitled “CONVERSATION AND CONTEXT AWARE FRAUD AND ABUSE PREVENTIONAGENT” Ser. No. 15/436,357, filed on the same day as the presentapplication. Another embodiment of the scam/telemarketingdetection/prevention system is described in commonly-assigned,co-pending U.S. Non-Provisional patent application entitled “OUTGOINGCOMMUNICATION SCAM PREVENTION” Ser. No. 15/436,365, filed on the sameday as the present application.

As another example, the system 500 may be implemented as one or moreother types of systems for filtering unwanted phone solicitations suchas, but not limited to, a system for detecting phone calls solicitingdonations to various organizations, a system for detecting phone callsinfluencing voters to vote in a particular manner (e.g., vote for aparticular candidate, vote for a particular legislation, etc.), andother types of systems for filtering undesirable phone calls.

FIG. 3 is a flowchart for an example process 850 for collecting poisonresilient training data for detecting/preventing unwanted phonesolicitations, in accordance with an embodiment of the invention. Inprocess block 851, process 850 starts. In process block 852, answer oneor more incoming phone calls received at one or more pre-specified phonenumbers utilizing a bot, where the bot is configured to engage in aconversation with a caller who initiates an incoming phone callutilizing a voice recording that impersonates a human being.

In process block 853, record each conversation the bot engages in.

In process block 854, classify each recorded conversation as one ofpoison data or truthful training data based on content of the recordedconversation and one or more learned detection models for detectingpoisoned data.

In process block 855, the process 850 ends.

In one embodiment, process blocks 851-855 are performed by one or morecomponents of the system 200, such as the data collection unit 210 andthe data poisoning defense unit 220.

FIG. 4 is a high level block diagram showing an information processingsystem 300 useful for implementing one embodiment of the invention. Thecomputer system includes one or more processors, such as processor 302.The processor 302 is connected to a communication infrastructure 304(e.g., a communications bus, cross-over bar, or network).

The computer system can include a display interface 306 that forwardsgraphics, text, and other data from the voice communicationinfrastructure 304 (or from a frame buffer not shown) for display on adisplay unit 308. The computer system also includes a main memory 310,preferably random access memory (RAM), and may also include a secondarymemory 312. The secondary memory 312 may include, for example, a harddisk drive 314 and/or a removable storage drive 316, representing, forexample, a floppy disk drive, a magnetic tape drive, or an optical diskdrive. The removable storage drive 316 reads from and/or writes to aremovable storage unit 318 in a manner well known to those havingordinary skill in the art. Removable storage unit 318 represents, forexample, a floppy disk, a compact disc, a magnetic tape, or an opticaldisk, etc. which is read by and written to by removable storage drive316. As will be appreciated, the removable storage unit 318 includes acomputer readable medium having stored therein computer software and/ordata.

In alternative embodiments, the secondary memory 312 may include othersimilar means for allowing computer programs or other instructions to beloaded into the computer system. Such means may include, for example, aremovable storage unit 320 and an interface 322. Examples of such meansmay include a program package and package interface (such as that foundin video game devices), a removable memory chip (such as an EPROM, orPROM) and associated socket, and other removable storage units 320 andinterfaces 322, which allows software and data to be transferred fromthe removable storage unit 320 to the computer system.

The computer system may also include a communication interface 324.Communication interface 324 allows software and data to be transferredbetween the computer system and external devices. Examples ofcommunication interface 324 may include a modem, a network interface(such as an Ethernet card), a communication port, or a PCMCIA slot andcard, etc. Software and data transferred via communication interface 324are in the form of signals which may be, for example, electronic,electromagnetic, optical, or other signals capable of being received bycommunication interface 324. These signals are provided to communicationinterface 324 via a communication path (i.e., channel) 326. Thiscommunication path 326 carries signals and may be implemented using wireor cable, fiber optics, a phone line, a cellular phone link, an RF link,and/or other communication channels.

The present invention may be a system, a method, and/or a computerprogram product. The computer program product may include a computerreadable storage medium (or media) having computer readable programinstructions thereon for causing a processor to carry out aspects of thepresent invention. The computer readable storage medium can be atangible device that can retain and store instructions for use by aninstruction execution device. The computer readable storage medium maybe, for example, but is not limited to, an electronic storage device, amagnetic storage device, an optical storage device, an electromagneticstorage device, a semiconductor storage device, or any suitablecombination of the foregoing. A non-exhaustive list of more specificexamples of the computer readable storage medium includes the following:a portable computer diskette, a hard disk, a random access memory (RAM),a read-only memory (ROM), an erasable programmable read-only memory(EPROM or Flash memory), a static random access memory (SRAM), aportable compact disc read-only memory (CD-ROM), a digital versatiledisk (DVD), a memory stick, a floppy disk, a mechanically encoded devicesuch as punch-cards or raised structures in a groove having instructionsrecorded thereon, and any suitable combination of the foregoing. Acomputer readable storage medium, as used herein, is not to be construedas being transitory signals per se, such as radio waves or other freelypropagating electromagnetic waves, electromagnetic waves propagatingthrough a waveguide or other transmission media (e.g., light pulsespassing through a fiber-optic cable), or electrical signals transmittedthrough a wire.

Computer readable program instructions described herein can bedownloaded to respective computing/processing devices from a computerreadable storage medium or to an external computer or external storagedevice via a network, for example, the Internet, a local area network, awide area network and/or a wireless network. The network may comprisecopper transmission cables, optical transmission fibers, wirelesstransmission, routers, firewalls, switches, gateway computers and/oredge servers. A network adapter card or network interface in eachcomputing/processing device receives computer readable programinstructions from the network and forwards the computer readable programinstructions for storage in a computer readable storage medium withinthe respective computing/processing device.

Computer readable program instructions for carrying out operations ofthe present invention may be assembler instructions,instruction-set-architecture (ISA) instructions, machine instructions,machine dependent instructions, microcode, firmware instructions,state-setting data, or either source code or object code written in anycombination of one or more programming languages, including an objectoriented programming language such as Smalltalk, C++ or the like, andconventional procedural programming languages, such as the “C”programming language or similar programming languages. The computerreadable program instructions may execute entirely on the user'scomputer, partly on the user's computer, as a stand-alone softwarepackage, partly on the user's computer and partly on a remote computeror entirely on the remote computer or server. In the latter scenario,the remote computer may be connected to the user's computer through anytype of network, including a local area network (LAN) or a wide areanetwork (WAN), or the connection may be made to an external computer(for example, through the Internet using an Internet Service Provider).In some embodiments, electronic circuitry including, for example,programmable logic circuitry, field-programmable gate arrays (FPGA), orprogrammable logic arrays (PLA) may execute the computer readableprogram instructions by utilizing state information of the computerreadable program instructions to personalize the electronic circuitry,in order to perform aspects of the present invention.

Aspects of the present invention are described herein with reference toflowchart illustrations and/or block diagrams of methods, apparatus(systems), and computer program products according to embodiments of theinvention. It will be understood that each block of the flowchartillustrations and/or block diagrams, and combinations of blocks in theflowchart illustrations and/or block diagrams, can be implemented bycomputer readable program instructions.

These computer readable program instructions may be provided to aprocessor of a general purpose computer, special purpose computer, orother programmable data processing apparatus to produce a machine, suchthat the instructions, which execute via the processor of the computeror other programmable data processing apparatus, create means forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks. These computer readable program instructionsmay also be stored in a computer readable storage medium that can directa computer, a programmable data processing apparatus, and/or otherdevices to function in a particular manner, such that the computerreadable storage medium having instructions stored therein comprises anarticle of manufacture including instructions which implement aspects ofthe function/act specified in the flowchart and/or block diagram blockor blocks.

The computer readable program instructions may also be loaded onto acomputer, other programmable data processing apparatus, or other deviceto cause a series of operational steps to be performed on the computer,other programmable apparatus or other device to produce a computerimplemented process, such that the instructions which execute on thecomputer, other programmable apparatus, or other device implement thefunctions/acts specified in the flowchart and/or block diagram block orblocks.

The flowchart and block diagrams in the Figures illustrate thearchitecture, functionality, and operation of possible implementationsof systems, methods, and computer program products according to variousembodiments of the present invention. In this regard, each block in theflowchart or block diagrams may represent a module, segment, or portionof instructions, which comprises one or more executable instructions forimplementing the specified logical function(s). In some alternativeimplementations, the functions noted in the block may occur out of theorder noted in the figures. For example, two blocks shown in successionmay, in fact, be executed substantially concurrently, or the blocks maysometimes be executed in the reverse order, depending upon thefunctionality involved. It will also be noted that each block of theblock diagrams and/or flowchart illustration, and combinations of blocksin the block diagrams and/or flowchart illustration, can be implementedby special purpose hardware-based systems that perform the specifiedfunctions or acts or carry out combinations of special purpose hardwareand computer instructions.

From the above description, it can be seen that the present inventionprovides a system, computer program product, and method for implementingthe embodiments of the invention. The present invention further providesa non-transitory computer-useable storage medium for implementing theembodiments of the invention. The non-transitory computer-useablestorage medium has a computer-readable program, wherein the program uponbeing processed on a computer causes the computer to implement the stepsof the present invention according to the embodiments described herein.References in the claims to an element in the singular is not intendedto mean “one and only” unless explicitly so stated, but rather “one ormore.” All structural and functional equivalents to the elements of theabove-described exemplary embodiment that are currently known or latercome to be known to those of ordinary skill in the art are intended tobe encompassed by the present claims. No claim element herein is to beconstrued under the provisions of 35 U.S.C. section 112, sixthparagraph, unless the element is expressly recited using the phrase“means for” or “step for.”

The terminology used herein is for the purpose of describing particularembodiments only and is not intended to be limiting of the invention. Asused herein, the singular forms “a”, “an” and “the” are intended toinclude the plural forms as well, unless the context clearly indicatesotherwise. It will be further understood that the terms “comprises”and/or “comprising,” when used in this specification, specify thepresence of stated features, integers, steps, operations, elements,and/or components, but do not preclude the presence or addition of oneor more other features, integers, steps, operations, elements,components, and/or groups thereof.

The corresponding structures, materials, acts, and equivalents of allmeans or step plus function elements in the claims below are intended toinclude any structure, material, or act for performing the function incombination with other claimed elements as specifically claimed. Thedescription of the present invention has been presented for purposes ofillustration and description, but is not intended to be exhaustive orlimited to the invention in the form disclosed. Many modifications andvariations will be apparent to those of ordinary skill in the artwithout departing from the scope and spirit of the invention. Theembodiment was chosen and described in order to best explain theprinciples of the invention and the practical application, and to enableothers of ordinary skill in the art to understand the invention forvarious embodiments with various modifications as are suited to theparticular use contemplated.

What is claimed is:
 1. A method comprising: answering one or moreincoming phone calls utilizing a bot, wherein the bot is configured toengage in a conversation with a caller who initiates an incoming phonecall utilizing a voice recording that impersonates a human beingbelonging to a particular demographic targeted by the caller, and thebot is further configured to dynamically converse with the caller basedon a conversation template including one or more learned conversationpatterns to increase a likelihood the caller perceives the bot as thehuman being belonging to the particular demographic belonging to theparticular demographic; detecting one or more unwanted phonesolicitations based on a real-time analysis of each conversation the botengages in; and filtering each unwanted phone solicitation detected. 2.The method of claim 1, wherein the bot is configured to dynamicallyconverse with the caller based on the conversation template.
 3. Themethod of claim 1, wherein the bot is configured to impersonate anyhuman being belonging to any type of demographic or population byselecting and using a voice recording impersonating the human being. 4.The method of claim 1, wherein detecting one or more unwanted phonesolicitations comprises: applying a learned detection model to eachconversation the bot engages in to detect one or more attributesindicating a scam or telemarketing.
 5. The method of claim 4, whereindetecting one or more unwanted phone solicitations further comprises:determining an identity of a caller initiating an incoming phone call bycomparing voice patterns of the caller against one or more voice samplesof one or more known scammers or telemarketers.
 6. A system comprising:at least one processor; and a non-transitory processor-readable memorydevice storing instructions that when executed by the at least oneprocessor causes the at least one processor to perform operationsincluding: answering one or more incoming phone calls utilizing a bot,wherein the bot is configured to engage in a conversation with a callerwho initiates an incoming phone call utilizing a voice recording thatimpersonates a human being belonging to a particular demographictargeted by the caller, and the bot is further configured to dynamicallyconverse with the caller based on a conversation template including oneor more learned conversation patterns to increase a likelihood thecaller perceives the bot as the human being belonging to the particulardemographic; detecting one or more unwanted phone solicitations based ona real-time analysis of each conversation the bot engages in; andfiltering each unwanted phone solicitation detected.
 7. The system ofclaim 6, wherein the bot is configured to dynamically converse with thecaller based on the conversation template.
 8. The system of claim 6,wherein the bot is configured to impersonate any human being belongingto any type of demographic or population by selecting and using a voicerecording impersonating the human being.
 9. The system of claim 6,wherein detecting one or more unwanted phone solicitations comprises:applying a learned detection model to each conversation the bot engagesin to detect one or more attributes indicating a scam or telemarketing.10. The system of claim 9, wherein detecting one or more unwanted phonesolicitations further comprises: determining an identity of a callerinitiating an incoming phone call by comparing voice patterns of thecaller against one or more voice samples of one or more known scammersor telemarketers.
 11. A computer program product comprising acomputer-readable hardware storage medium having program code embodiedtherewith, the program code being executable by a computer to implementa method comprising: answering one or more incoming phone callsutilizing a bot, wherein the bot is configured to engage in aconversation with a caller who initiates an incoming phone callutilizing a voice recording that impersonates a human being belonging toa particular demographic targeted by the caller, and the bot is furtherconfigured to dynamically converse with the caller based on aconversation template including one or more learned conversationpatterns to increase a likelihood the caller perceives the bot as thehuman being belonging to the particular demographic; detecting one ormore unwanted phone solicitations based on a real-time analysis of eachconversation the bot engages in; and filtering each unwanted phonesolicitation detected.
 12. The computer program product of claim 11,wherein the bot is configured to dynamically converse with the callerbased on the conversation template.
 13. The computer program product ofclaim 11, wherein the bot is configured to impersonate any human beingbelonging to any type of demographic or population by selecting andusing a voice recording impersonating the human being.
 14. The computerprogram product of claim 11, wherein detecting one or more unwantedphone solicitations comprises: applying a learned detection model toeach conversation the bot engages in to detect one or more attributesindicating a scam or telemarketing.
 15. The computer program product ofclaim 14, wherein detecting one or more unwanted phone solicitationsfurther comprises: determining an identity of a caller initiating anincoming phone call by comparing voice patterns of the caller againstone or more voice samples of one or more known scammers ortelemarketers.